Commit fe6b6bc8 authored by Chenyi Qiang's avatar Chenyi Qiang Committed by Paolo Bonzini
Browse files

KVM: VMX: Enable bus lock VM exit 

Virtual Machine can exploit bus locks to degrade the performance of
system. Bus lock can be caused by split locked access to writeback(WB)
memory or by using locks on uncacheable(UC) memory. The bus lock is
typically >1000 cycles slower than an atomic operation within a cache
line. It also disrupts performance on other cores (which must wait for
the bus lock to be released before their memory operations can
complete).

To address the threat, bus lock VM exit is introduced to notify the VMM
when a bus lock was acquired, allowing it to enforce throttling or other
policy based mitigations.

A VMM can enable VM exit due to bus locks by setting a new "Bus Lock
Detection" VM-execution control(bit 30 of Secondary Processor-based VM
execution controls). If delivery of this VM exit was preempted by a
higher priority VM exit (e.g. EPT misconfiguration, EPT violation, APIC
access VM exit, APIC write VM exit, exception bitmap exiting), bit 26 of
exit reason in vmcs field is set to 1.

In current implementation, the KVM exposes this capability through
KVM_CAP_X86_BUS_LOCK_EXIT. The user can get the supported mode bitmap
(i.e. off and exit) and enable it explicitly (disabled by default). If
bus locks in guest are detected by KVM, exit to user space even when
current exit reason is handled by KVM internally. Set a new field
KVM_RUN_BUS_LOCK in vcpu->run->flags to inform the user space that there
is a bus lock detected in guest.

Document for Bus Lock VM exit is now available at the latest "Intel
Architecture Instruction Set Extensions Programming Reference".

Document Link:
https://software.intel.com/content/www/us/en/develop/download/intel-architecture-instruction-set-extensions-programming-reference.html



Co-developed-by: default avatarXiaoyao Li <xiaoyao.li@intel.com>
Signed-off-by: default avatarXiaoyao Li <xiaoyao.li@intel.com>
Signed-off-by: default avatarChenyi Qiang <chenyi.qiang@intel.com>
Message-Id: <20201106090315.18606-4-chenyi.qiang@intel.com>
Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
parent 15aad3be

arch/x86/include/asm/kvm_host.h

+7 −0
Original line number Diff line number Diff line
@@ -52,6 +52,9 @@ 
#define KVM_DIRTY_LOG_MANUAL_CAPS   (KVM_DIRTY_LOG_MANUAL_PROTECT_ENABLE | \

					KVM_DIRTY_LOG_INITIALLY_SET)



#define KVM_BUS_LOCK_DETECTION_VALID_MODE	(KVM_BUS_LOCK_DETECTION_OFF | \

						 KVM_BUS_LOCK_DETECTION_EXIT)



/* x86-specific vcpu->requests bit members */

#define KVM_REQ_MIGRATE_TIMER		KVM_ARCH_REQ(0)

#define KVM_REQ_REPORT_TPR_ACCESS	KVM_ARCH_REQ(1)
@@ -996,6 +999,8 @@ struct kvm_arch { 
		struct msr_bitmap_range ranges[16];

	} msr_filter;



	bool bus_lock_detection_enabled;



	struct kvm_pmu_event_filter *pmu_event_filter;

	struct task_struct *nx_lpage_recovery_thread;
@@ -1418,6 +1423,8 @@ extern u8 kvm_tsc_scaling_ratio_frac_bits; 
extern u64  kvm_max_tsc_scaling_ratio;

/* 1ull << kvm_tsc_scaling_ratio_frac_bits */

extern u64  kvm_default_tsc_scaling_ratio;

/* bus lock detection supported? */

extern bool kvm_has_bus_lock_exit;



extern u64 kvm_mce_cap_supported;

arch/x86/include/asm/vmx.h

+1 −0
Original line number Diff line number Diff line
@@ -73,6 +73,7 @@ 
#define SECONDARY_EXEC_PT_USE_GPA		VMCS_CONTROL_BIT(PT_USE_GPA)

#define SECONDARY_EXEC_TSC_SCALING              VMCS_CONTROL_BIT(TSC_SCALING)

#define SECONDARY_EXEC_ENABLE_USR_WAIT_PAUSE	VMCS_CONTROL_BIT(USR_WAIT_PAUSE)

#define SECONDARY_EXEC_BUS_LOCK_DETECTION	VMCS_CONTROL_BIT(BUS_LOCK_DETECTION)



#define PIN_BASED_EXT_INTR_MASK                 VMCS_CONTROL_BIT(INTR_EXITING)

#define PIN_BASED_NMI_EXITING                   VMCS_CONTROL_BIT(NMI_EXITING)

arch/x86/include/asm/vmxfeatures.h

+1 −0
Original line number Diff line number Diff line
@@ -83,5 +83,6 @@ 
#define VMX_FEATURE_TSC_SCALING		( 2*32+ 25) /* Scale hardware TSC when read in guest */

#define VMX_FEATURE_USR_WAIT_PAUSE	( 2*32+ 26) /* Enable TPAUSE, UMONITOR, UMWAIT in guest */

#define VMX_FEATURE_ENCLV_EXITING	( 2*32+ 28) /* "" VM-Exit on ENCLV (leaf dependent) */

#define VMX_FEATURE_BUS_LOCK_DETECTION	( 2*32+ 30) /* "" VM-Exit when bus lock caused */



#endif /* _ASM_X86_VMXFEATURES_H */

arch/x86/include/uapi/asm/kvm.h

+1 −0
Original line number Diff line number Diff line
@@ -112,6 +112,7 @@ struct kvm_ioapic_state { 
#define KVM_NR_IRQCHIPS          3



#define KVM_RUN_X86_SMM		 (1 << 0)

#define KVM_RUN_X86_BUS_LOCK     (1 << 1)



/* for KVM_GET_REGS and KVM_SET_REGS */

struct kvm_regs {

arch/x86/include/uapi/asm/vmx.h

+3 −1
Original line number Diff line number Diff line
@@ -89,6 +89,7 @@ 
#define EXIT_REASON_XRSTORS             64

#define EXIT_REASON_UMWAIT              67

#define EXIT_REASON_TPAUSE              68

#define EXIT_REASON_BUS_LOCK            74



#define VMX_EXIT_REASONS \

	{ EXIT_REASON_EXCEPTION_NMI,         "EXCEPTION_NMI" }, \
@@ -150,7 +151,8 @@ 
	{ EXIT_REASON_XSAVES,                "XSAVES" }, \

	{ EXIT_REASON_XRSTORS,               "XRSTORS" }, \

	{ EXIT_REASON_UMWAIT,                "UMWAIT" }, \

	{ EXIT_REASON_TPAUSE,                "TPAUSE" }

	{ EXIT_REASON_TPAUSE,                "TPAUSE" }, \

	{ EXIT_REASON_BUS_LOCK,              "BUS_LOCK" }



#define VMX_EXIT_REASON_FLAGS \

	{ VMX_EXIT_REASONS_FAILED_VMENTRY,	"FAILED_VMENTRY" }